Is LinkedIn Scraping Legal? Key Laws and Best Practices

Shehriar Awan
October 8, 2024

17 min read

This makes LinkedIn a goldmine of leads waiting to be tapped into.

But is it legal to scrape LinkedIn data?

intro collage - image18.png

That’s what we’re going to find out today.

Disclaimer

This content is based on publicly available information and does not constitute legal advice. The opinions expressed are solely those of the author and are not a substitute for legal guidance.

For advice tailored to your specific project, country, or legal needs, please consult with a qualified legal professional.

In this article, I’ll help you understand the legality of LinkedIn scraping, the key laws involved, and best practices.

We’ll learn:

  1. Does LinkedIn allow web scraping?
  2. Is it legal to scrape LinkedIn data?
  3. How to scrape LinkedIn data responsibly?

But before that, let’s settle the debate.

The short answer is Yes. Though LinkedIn doesn’t allow it, it's legal if done properly.

Scraping public data ✅ is fully legal.

Scraping private data?

  1. Have legit access ✅
  2. For personal use ✅
  3. Sell or distribute ❌
  4. Using fake accounts ❌

Didn’t get my point?

Let’s dive into the details, starting with understanding web scraping.

What is web scraping?

Web scraping means automating data collection from a website using a bot.

A web scraper eliminates the need to manually copy information into a spreadsheet, allowing you to extract data quickly and at scale.

This data can include anything publicly available on a website, such as names, contact information, or product information.

linkedin profile data points - image28.png

How does a web scraper work?

A web scraper (aka crawler or bot) visits web pages, extracts the HTML code, and identifies the data you need based on predefined rules.

linkedin html - image10.png

These scrapers are designed to navigate pages just like humans, but much faster.

Once the scraper retrieves the data, it can save it in a structured format like a spreadsheet or database for further use.

For example, if you're scraping LinkedIn, a scraper could pull data such as names, job titles, company information, or profile URLs from public profiles or search results.

sales nav leads scraper - image2.png

But why do we need a LinkedIn scraper?

Why scrape data from LinkedIn?

LinkedIn is a goldmine of professional data. Many businesses scrape LinkedIn for various reasons like:

  1. Generate leads by collecting potential customer information
  2. Find qualified candidates for job openings
  3. Market Research for industry trends and competitors

But why parse HTML code instead of using the official LinkedIn API?

Why not use the official API for data collection?

The first question is – Is there no LinkedIn API for collecting data officially?

Well LinkedIn does have an API called People API for profile data collection.

But it’s basically useless due to reasons like:

  1. Poor documentation
  2. Limitations
  3. Exclusivity
Many developers on StackOverflow complain that it’s too difficult to use due to poor documentation.
linkedin api bad docs - image3.png

The documentation is so poorly written, the developers find scraping data by parsing HTML code easier.

linkedin api reddit comment - image23.png

Even if you understand the documentation, it only provides very basic profile data. Access to data like contact details is not allowed.

linkedin api data points - image7.png

Even if that’s OK for you, there’s another limitation.

You can only retrieve data from users who have explicitly authorized your application.

linkedin api usage - image27.png

And if that’s also manageable, there’s another catch.

The API is exclusively available to developers approved by LinkedIn and the approval process is also a mystery.

linkedin api no access - image4.png

The only option left is using a LinkedIn data scraper to collect data at scale.

But does LinkedIn allow it?

Does LinkedIn allow data scraping?

The short answer is no. LinkedIn does not allow any sort of automated access to its platform and it’s clearly mentioned in LinkedIn’s user agreement.
linkedin user agreement - image5.png

But what’s the reason?

Why does LinkedIn restrict scrapers?

LinkedIn has some pretty good reasons to restrict web scraping or automated access to its platform like:

  1. Protecting its business model
  2. Keeping the platform running smoothly
  3. Avoiding security risks
  4. Protecting user privacy

So does that mean I can get banned for scraping LinkedIn?

Can you get banned for scraping LinkedIn data?

Yes, LinkedIn can temporarily suspend or even permanently ban your account for scraping its data.
linkedin account ban - image14.png
To stop businesses from scraping data, LinkedIn takes legal action, including issuing cease-and-desist orders and pursuing litigation when necessary.
This is what happened in the LinkedIn vs. Mantheos case too. I’ll cover it in the next section.
linkedin mantheos settlement - image11.png

Wait, can I face legal action for collecting data from LinkedIn? This clearly means it’s illegal to scrape LinkedIn data.

Well that’s what LinkedIn says, there’s more to the story.

Let’s start with the case I mentioned above – the LinkedIn vs. Mantheos lawsuit.

LinkedIn vs Mantheos

In 2022, LinkedIn sued Mantheos Pte. Ltd. and its founders for scraping data from millions of LinkedIn profiles.

Mantheos is a business intelligence company that provides insights on individuals and companies.

LinkedIn claimed that the company used hundreds of fake profiles and virtual debit cards with fake names to fraudulently obtain LinkedIn Sales Navigator subscriptions.

mantheos fake accounts - image15.png

The company used these to scrape member profile information that was only available to real and logged-in LinkedIn members.

The case was settled, with Mantheos agreeing to a permanent ban from scraping LinkedIn or using its data.

linkedin vs mantheos - image30.png

They also had to destroy all the LinkedIn data they had collected.

So what did we learn from this lawsuit?

Sales Navigator is a premium product and a big chunk of LinkedIn’s revenue comes from this product. Only paying users are allowed to view its data.

Mantheos accessed Sales Navigator data through fake accounts and distributed it commercially to those who didn’t pay for Sales Navigator.

This obviously hurts LinkedIn’s business. Why’d I pay for Sales Navigator if Mantheos is providing me the same data without a LinkedIn premium account?

So it indeed falls under illegal web scraping and has serious consequences.

Basically we learned:

  1. Using fake accounts is not OK ❌
  2. You cannot collect and distribute content behind paywall ❌

But does this mean scraping LinkedIn data is illegal?

Not exactly. The LinkedIn vs HiQ case shows a different side of the story.

HiQ vs LinkedIn

In 2017, LinkedIn Corp. sent HiQ Labs Inc. a cease-and-desist letter, accusing them of scraping LinkedIn public profiles.
linked vs hiq - image8.png

HiQ Labs, a data analytics company, used this data to help businesses with employee retention strategies.

LinkedIn claimed this violated the Computer Fraud and Abuse Act (CFAA) and LinkedIn’s terms of service.

In response, HiQ Labs filed a lawsuit against LinkedIn, requesting the court to stop LinkedIn from blocking its access to public LinkedIn profile data.

hiq case - image32.png

They claimed that publicly available data should remain accessible to anyone, and LinkedIn could not stop them from using it.

The District Court sided with HiQ, allowing them to continue scraping public profiles.

The court said LinkedIn couldn’t block access to publicly available information using the CFAA.

hiq relief - image25.png

In 2019, the Ninth Circuit agreed with the lower court’s decision, saying public profiles don’t fall under CFAA protection.

In 2021, after the Van Buren vs United States case clarified how the CFAA should be applied, the Supreme Court asked the appeals court to take another look at the decision.
web scraping legal - image13.png
Then, in 2022, the Ninth Circuit court of appeals reaffirmed its decision, ruling that scraping publicly available data from LinkedIn didn’t violate the CFAA.
The case ended with an out of court settlement between LinkedIn Corp and HiQ Labs Inc.

So what did we learn from this case?

It clearly established the fact that public social media profiles are not private data. This legal battle also gave us 2 important learnings about legality of scraping LinkedIn data.

  1. Web scraping is legal practice in general ✅
  2. Scraping LinkedIn profiles is allowed ✅

But LinkedIn used CFAA to sue HiQ, what’s CFAA?

Let’s learn some key laws related to data privacy.

There are a ton of laws out there when it comes to data privacy and protection. In this section, I'm focusing on the most important ones in the U.S. and EU.

  1. CFAA
  2. CCPA
  3. GDPR
  4. Copyright

Computer Fraud and Abuse Act (CFAA)

The CFAA mostly applies in the U.S. It was originally passed to fight hackers and unauthorized access to computers.
Under the CFAA), it's illegal to access a computer or network "without authorization" or to go beyond what you're allowed to access.
cfaa - image6.png

Why it matters for web scraping?

From the HiQ vs LinkedIn case, we know that scraping public data doesn't violate CFAA.

But there are some rules you must follow to scrape data.

  1. Don’t hack or use unethical ways to access data
  2. Breaking website terms is not (automatically) bad

Another important law regarding data privacy in the US is CCPA.

California Consumer Privacy Act (CCPA)

The CCPA is a privacy law that applies to businesses handling the personal data of California residents.

It was introduced to give people more control over how their data is collected, stored, and shared.

As per CCPA, businesses must inform users about the types of data they collect and provide an option to opt out of data collection.
ccpa - image1.png

It also allows California residents to request deletion of their data.

Why it matters for web scraping?

This law doesn’t directly deal with scraping. It doesn’t restrict scraping of publicly available data.

But it does put some restrictions on how the data can be collected and stored.

  1. Users must be informed if their data is being collected
  2. California residents can request to delete their data
  3. Scrapers and businesses need to offer opt-out options

Here are some other key laws in the U.S. related to web scraping:

  1. Economic Espionage Act (EEA) – Protects trade secrets; scraping business data without permission can violate this
  2. California Penal Code Section 502 – Criminalizes unauthorized access to systems in California
  3. Trespass to Chattels – Applies when scraping damages or overloads a server
  4. CAN-SPAM Act – Regulates the use of scraped emails for marketing

But what about web scraping in the EU?

Is LinkedIn scraping GDPR compliant?

The General Data Protection Regulation (GDPR) is a crucial privacy law in the European Union that protects personal data.

It sets strict rules on how businesses can collect, store, and use data from individuals, including when scraping publicly available information.

According to GDPR Article 5, data collection needs to be done fairly and for legitimate reasons.
gdpr article 5 - image31.png
Also you must get clear consent before collecting any personal data as explained in Article 6.
Personal data, defined in Article 4(1), includes anything that can identify someone, like their name, email, or even their IP address.
personal data - image26.png

GDPR also gives people the right to ask you to delete their personal data.

Why it matters for web scraping?

GDPR doesn’t prohibit scraping public data. It mainly defines personal data and rules of collecting and storing personal data.

  1. Defines personal data as anything that identifies an individual
  2. Scraping personal data of EU citizens requires explicit consent
  3. Only collect data that you need, no over collection
  4. Gives individuals the right to request deletion of their data
  5. Requires data protection throughout its lifecycle

Here are some other EU data protection and privacy laws that could impact web scraping activities.

  1. Database Directive – Protects databases from unauthorized data extraction
  2. ePrivacy Directive – Regulates data collection through cookies, impacting scraping that tracks user behavior

Copyright laws, especially in the U.S., protect original works of authorship—like creative writing or images.

Companies like LinkedIn and Meta often try to use this law against web scrapers.

They might argue that their user-generated content, databases, and structured information are protected by copyright.

In fact in the LinkedIn vs HiQ case, LinkedIn also pressed charges against HiQ claiming they violated DMCA (Digital Millennium Copyright Act).
linkedin vs hiq dmca - image24.png

Why it matters for web scraping?

Copyright doesn’t protect facts or basic data points.

The Feist Publications v. Rural Telephone case made it clear that raw data can’t be copyrighted, only the creative arrangement of that data can be.
feist v rural tel - image9.png

Laws like DMCA might help companies stop scrapers from redistributing content without permission.

But DMCA does not stop companies from scraping non-creative data, like facts.

In the European Union, the Database Directive gives more protection to databases.

But this applies only if there’s been a substantial investment in creating or maintaining the database.

It still doesn’t protect the individual data points—only the structure and organization.

So in the U.S. or EU, copyright law doesn’t cover the data itself. The facts and information can be scraped.


So what we’ve learned from these laws?

  1. Scraping public data is generally fine
  2. Using fake accounts is NOT OK
  3. People can request you to delete their personal data
  4. Purpose and usage of data makes it legal or illegal
  5. Scraping non-copyrighted data is allowed

But how do I differentiate between data I can scrape and data I can’t scrape?

Public vs Private data: Where to draw the line?

So far we know data can either be public or private. Let’s see what type of data can be scraped and where to draw the line.

Public data

Public data is information anyone can access without needing special permission. You don’t need to have any special access to see it.
public data - image12.png

This data is often found on websites, public records, or anything the owner chooses to share openly.

Social media profiles are often considered publicly available data sources even if you need to login to the social media platform.

social media public data - image34.png

On LinkedIn, public data includes info users have made visible to everyone on their profile, like names, job titles, education, experience, and company details.

shehriar linkedin profile - image16.gif

Users often make this public to help with networking and increase their visibility.

Private data

Private data, on the other hand, is restricted. It’s something that a user won’t want to share with everyone. You need permission or special access to view it.
private data - image21.png

On LinkedIn, private data can include messages, private posts, group activities, etc.

So can we scrape private data?

It’s legal to collect private data as well as long as:

  1. You have legit access to it
  2. You respect personal data processing laws
  3. You don’t distribute it without permission

Have legit access

From all the laws and lawsuits I’ve discussed above, we know one thing for sure – using fake accounts is not ok.

But what if I have access to the data?

If the information is visible to you as a regular user of the platform, scraping that data for personal use can be acceptable.

fake accounts meme - image17.png

This means as long as you’re using your own account and collecting data you’re allowed to see, it’s legal.

But you shouldn’t use any fraudulent methods or create fake accounts to gain access to the data.

Respect data processing laws

You must follow laws that protect personal data. These laws require that personal data, like names and emails, be handled responsibly.

  1. Have a legit purpose
  2. Don’t over collect
  3. Store data securely

Make sure you don’t overload LinkedIn’s system with excessive data collection. Collect what you need and have access to, at a small scale.

If you’re scraping private data, you should only use it for your own personal or business purpose.

Do not distribute or sell it without explicit permission.

sell data meme - image19.png

Since you’re able to view the data, you have legitimate access to it. You can collect it for personal use.

But when you start distributing the collected data, you’re now sharing the data limited to you with people who don’t have access to it.

That’s a bad practice and you need to avoid it at all costs when dealing with private data.

So what about Sales Navigator?

Sales Navigator is LinkedIn’s paid service that offers advanced tools for lead generation.

sales navigator - image20.png

While scraping public LinkedIn profiles is allowed, things are less clear when it comes to Sales Navigator.

Creating fake accounts to scrape data from Sales Navigator is definitely not okay.

When you create fake accounts, scrape data and distribute it, you’re allowing people who didn’t pay for LinkedIn’s premium service, access that information.

sales nav pricing - image29.png

It hurts LinkedIn’s business model by giving people access to data meant only for paying subscribers.

But what if you’re using your own Sales Navigator account?

In my opinion, using automation tools to collect data for personal or business use should be fine—you’re paying for the service and using the data yourself.

As long as you don’t sell or distribute the data to others for commercial purposes, you are good to go.

Sharing or selling the data could violate LinkedIn’s terms and even data protection laws, so it’s best to use it strictly for your own needs.

So how popular scraping tools collect data from LinkedIn legally?

How scrapers legally collect private data from LinkedIn?

For this, I’ll take the example of 2 most popular LinkedIn scrapers – Lobstr.io and Phantombuster.

For scraping LinkedIn, both scrapers have SOPs.

  1. Automation at scale
  2. Don’t overload the service
  3. Stay compliant to data processing

Both tools ask you to sync your own LinkedIn and Sales Navigator accounts. They don’t create fake accounts to access LinkedIn data.

sync account - image22.png

They automate your own LinkedIn account to do what you can do manually but faster.

They comply with LinkedIn’s rate limits to make sure the platform is not flooded with requests. You can’t collect data beyond a certain daily limit.

lobstr limits - image35.png

As per GDPR, data collection needs to be limited and for legitimate purposes. These scrapers claim to follow these guidelines.

Also, both services are France-based and as per French law, it’s legal to collect any facts or data points if you have legit access to it and you don’t over-collect.
french law - image33.png
In fact, their terms of services mention all the points I've explained above. Here's what Lobstr.io's terms of use say about scraping private data:
Lobstr terms of use
  1. Legit access and permission
  2. No over-collection
  3. No sensitive data collection
  4. No copyright voilation
  5. Comply with data processing laws

Besides this, what are ethical considerations to scrape LinkedIn data?

What are the best practices for scraping LinkedIn?

Based on what I’ve learned from studying the laws, cases, and LinkedIn’s concerns, here are some ethical considerations and good scraping practices to follow:

  1. Scrape public data only — Avoid private or restricted data
  2. Limit your scraping speed — Too fast can get you blocked
  3. Follow privacy laws — Especially with personal info like names or emails
  4. Respect user privacy — Don’t scrape sensitive user data
  5. Store data securely — Use encryption and other security measures
  6. Don’t fool the platform — Avoid fake accounts and payment info
  7. Use ethical scraping tools — Choose tools that comply with legal standards
  8. Monitor for legal changes — Stay informed about new regulations
  9. Use the data responsibly — Avoid selling or sharing scraped data if it's not allowed
  10. Respect opt-out requests — Comply if someone asks to remove their data
  11. Log your activities — Keep a record of when and what you’ve scraped

Now let me answer some FAQs to clear the confusions you might have.

FAQs

What is LinkedIn automation?

LinkedIn automation means using tools to automate LinkedIn tasks like collecting user profile data, sending connection requests, and messages, engaging with posts, etc.

It saves time, boosts productivity, and helps with networking and lead generation.

Yes, LinkedIn automation is legal if it’s done for personal or business purposes. Doing it for commercial purposes like selling data is not allowed.

Does LinkedIn allow data scraping for personal use?

No, LinkedIn doesn’t allow scraping even for personal use. However, it’s not illegal to scrape data from LinkedIn if you have legit access and follow data laws.

Yes, it’s legal to scrape job postings from LinkedIn. LinkedIn job postings are facts and as a LinkedIn member, you have legitimate access to them.

But using fake profiles to scrape job postings falls under unauthorized scraping.

Yes, as a member of LinkedIn, if you have access to a group’s members and posts, you can collect it for personal use like social networking.

Same applies to your LinkedIn connections too. You can scrape them and use the data for legit purposes.

Selling this data is prohibited though.

Yes, it’s legal to collect and track LinkedIn connections activities. Since it’s part of LinkedIn automation, you can do it if you’re using your own LinkedIn account.

Conclusion

That’s a wrap on legality of LinkedIn, key laws, and best practices. Again, all the information is based on publicly available facts and is not at all a legal advice.

Shehriar Awan - Content Writer at Lobstr.ioShehriar Awan

Self-proclaimed Head of Content @ lobstr.io. I write all those awesome how-tos, listicles, and (they deserve) troll our competitors.

Related Articles

Related Squids